2024-06-09_6a7525f9ea1e5faf5bdd36a92a18d2bf_icedid

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-09_6a7525f9ea1e5faf5bdd36a92a18d2bf_icedid
Size

18.7MB
MD5

6a7525f9ea1e5faf5bdd36a92a18d2bf
SHA1

50c3f4100373bff582418a407b0c6528ea6a58eb
SHA256

abecede3e1a9348ecdab2b65c4a1c68d589fa6716d6b07d3275a469f7fdba161
SHA512

c6ec22e2f0fe70b992cf3b19783d3bd255ed9b09c6b421b284cc066be4aa5c04185b4c09400849b98367f9097f671bcbf80358f14fe2901b1267f5bcfbb8d7a7
SSDEEP

393216:Y7J6ec9rARDnsflCQIGD4O0vtLpX0PiEpN:Jec/41vtLpkPiEpN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-09_6a7525f9ea1e5faf5bdd36a92a18d2bf_icedid

Files

2024-06-09_6a7525f9ea1e5faf5bdd36a92a18d2bf_icedid
.exe windows:4 windows x86 arch:x86

157aaa82bf1e370f638effe5d56b2d89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
MessageBoxA
SetPropA
EnumChildWindows
SendMessageA
GetMessageA
GetAncestor
EnumWindows
TranslateMessage
GetClassNameA
GetWindowLongA
GetWindowRect
GetDC
UpdateLayeredWindow
ReleaseDC
IsWindow
ShowWindow
CallWindowProcA
TrackMouseEvent
GetPropA
wsprintfA
GetSystemMetrics
GetCursorPos
CloseClipboard
GetClipboardData
OpenClipboard
DispatchMessageA
PeekMessageA
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
TranslateMessage
LoadIconA
GetDesktopWindow
GetClassNameA
GetWindowThreadProcessId
FindWindowA
GetDlgItem
UnregisterClassA
GetWindowTextA
GetForegroundWindow
SetWindowTextA
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
CreatePopupMenu
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
WaitForInputIdle
IsZoomed
GetClassInfoA
DefWindowProcA
GetSystemMenu
GetWindowRect
DeleteMenu
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
GetDlgCtrlID
AppendMenuA
ModifyMenuA
CreateMenu
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
LoadStringA
GetSysColorBrush
GetSubMenu
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
SystemParametersInfoA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
CreateAcceleratorTableA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
SetRect
InflateRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
InvertRect
IsRectEmpty
ScrollDC
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
PostQuitMessage
FindWindowExA

kernel32

GetEnvironmentStrings
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetEnvironmentStringsW
GetFileType
GetStdHandle
SetHandleCount
FreeEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
GetCommandLineA
GetVersion
RtlUnwind
TerminateProcess
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
SetFilePointer
SetUnhandledExceptionFilter
IsBadCodePtr
LCMapStringW
SetStdHandle
GetCurrentProcess
FlushFileBuffers
IsBadWritePtr
RaiseException
HeapCreate
HeapDestroy
GetVersionExA
LCMapStringA
LoadLibraryA
FreeLibrary
GetCurrentDirectoryA
GetLocalTime
Sleep
GetFileSize
ReadFile
GetTempPathA
GetTickCount
CreateFileA
WriteFile
CloseHandle
GetModuleFileNameA
IsBadReadPtr
HeapFree
GetEnvironmentVariableA
HeapAlloc
ExitProcess
GetProcessHeap
VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryW
MapViewOfFile
CreateFileMappingA
VirtualProtectEx
WideCharToMultiByte
LocalAlloc
LocalSize
lstrlenW
GlobalFree
MultiByteToWideChar
GlobalUnlock
GlobalLock
GlobalAlloc
LocalFree
RtlMoveMemory
GetModuleHandleA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
SetStdHandle
GetACP
HeapSize
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
CloseHandle
WaitForSingleObject
CreateProcessA
GetTickCount
GetCommandLineA
MulDiv
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
DeleteFileA
MoveFileA
GetFileAttributesA
FindClose
FindFirstFileA
GetTempPathA
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
CreateEventA
CreateThread
GetPrivateProfileStringA
WritePrivateProfileStringA
GetVersionExA
GetLastError
LoadLibraryA
FreeLibrary
GetFullPathNameA
GetUserDefaultLCID
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
GlobalReAlloc
FindNextFileA
lstrcpyA
WinExec
lstrlenA
lstrcatA
InitializeCriticalSection
DeleteCriticalSection
GlobalFree
GlobalSize
ExitProcess
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
RemoveDirectoryA
lstrlenW
ReadFile
LockResource
LoadResource
FindResourceA
SetEvent
CreateFileA
WaitForMultipleObjects
WriteFile
GetProfileStringA
LeaveCriticalSection
EnterCriticalSection
ReleaseSemaphore
ResumeThread
CreateSemaphoreA
Process32Next
Process32First
CreateToolhelp32Snapshot
SetFilePointer
GetFileSize
GetCurrentProcess
TerminateProcess
OpenProcess
GetWindowsDirectoryA
GetSystemDirectoryA
SetLastError
GetTimeZoneInformation
GetVersion
FileTimeToSystemTime
CreateMutexA
ReleaseMutex
TerminateThread
SuspendThread
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
LocalFree
InterlockedDecrement
InterlockedIncrement

gdi32

CreateCompatibleDC
DeleteDC
CreateDIBSection
DeleteObject
SelectObject
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
Polygon
GetTextExtentPoint32A
Arc
Chord
Pie
RoundRect
GetCurrentObject
DPtoLP
LPtoDP
Rectangle
Ellipse
SetPixelV
CreateCompatibleDC
SetBkColor
CreateRectRgnIndirect
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
EndPath
PathToRegion
BitBlt
StartPage
StartDocA
DeleteDC
EndDoc
EndPage
GetObjectA
GetStockObject
CreateFontIndirectA
CreateSolidBrush
FillRgn
CreateRectRgn
CombineRgn
PatBlt
CreatePen
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBrushIndirect
SelectObject
CreatePatternBrush
CreateBitmap
CreateHatchBrush
GetDeviceCaps

gdiplus

GdipCreateFromHDC
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipGetImageHeight
GdipGetImageWidth
GdiplusStartup
GdipGetRegionBounds
GdipSetTextRenderingHint
GdipDeletePen
GdipDrawRectangleI
GdipSetSolidFillColor
GdipLoadImageFromFile
GdipLoadImageFromStream
GdipCreateSolidFill
GdipDisposeImage
GdipDeleteBrush

ole32

CreateStreamOnHGlobal
OleRun
CoCreateInstance
CLSIDFromString
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID

imm32

ImmAssociateContext
ImmGetContext
ImmGetCompositionStringW
ImmReleaseContext
ImmSetCompositionWindow

shell32

SHAppBarMessage
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA

shlwapi

PathFileExistsA

winmm

PlaySoundA
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
midiStreamRestart
waveOutUnprepareHeader
midiStreamStop
midiOutReset
midiStreamClose
waveOutRestart

ws2_32

WSAAsyncSelect
closesocket
send
select
WSACleanup
gethostbyname
inet_ntoa
ntohl
recvfrom
ioctlsocket
recv
getpeername
accept
WSAStartup

rasapi32

RasGetConnectStatusA
RasHangUpA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueA

oleaut32

UnRegisterTypeLi
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SysAllocString
VariantInit
VariantCopyInd
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetUBound
VariantChangeType
VariantClear
VariantCopy
SafeArrayGetLBound

comctl32

ord17
ImageList_Destroy

wininet

InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetConnectA
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetCrackUrlA
InternetCanonicalizeUrlA

comdlg32

GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
GetFileTitleA

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14.9MB - Virtual size: 14.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 404KB - Virtual size: 678KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

157aaa82bf1e370f638effe5d56b2d89

Headers

File Characteristics

Imports

user32

kernel32

gdi32

gdiplus

ole32

imm32

shell32

shlwapi

winmm

ws2_32

rasapi32

winspool.drv

advapi32

oleaut32

comctl32

wininet

comdlg32

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 14.9MB - Virtual size: 14.9MB

.data Size: 404KB - Virtual size: 678KB

.rsrc Size: 120KB - Virtual size: 117KB

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 14.9MB - Virtual size: 14.9MB

.data
Size: 404KB - Virtual size: 678KB

.rsrc
Size: 120KB - Virtual size: 117KB